You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
This issue will deliver documentation and demo on how separation of duties will be maintained to meet security control, AC-05.
Acceptance Criteria:
Documentation user roles with list of permissions and account management to meet AC-05 is is documented in docs (with screenshots of Django Admin Control (DAC) if applicable)
Demo of user roles to show separation of duties using Django Admin Control (DAC)
Tasks: Create a list of granular, specific work items that must be completed to deliver the desired outcomes of this issue
Task 1
Task 2
Task 3
Run Testing Checklist and confirm all tests pass
Notes:
AC-05 security control:
The organization:
a. Separates [at a minimum, data creation and control, software development and maintenance, and security functions];
b. Documents separation of duties of individuals; and
c. Defines information system access authorizations to support separation of duties.
To meet
document user roles with list of permissions, account management,
backend can demo separation of duties (demo of documented user role with permissions)
Supporting Documentation: Please include any relevant log snippets/files/screen shots
shubhi-raft
changed the title
As a product owner, I want to separation of duties to meet AC-05 security control
As a product owner, I want separation of duties to meet AC-05 security control
Dec 2, 2020
shubhi-raft
changed the title
As a product owner, I want separation of duties to meet AC-05 security control
As a product owner, I want document separation of duties to meet AC-05 security control
Jan 21, 2021
Duplicate with #587, moving to a different organizational method to track security control documentation (each security control family will be an epic, each control will be an issue under that epic)
Description:
This issue will deliver documentation and demo on how separation of duties will be maintained to meet security control, AC-05.
Acceptance Criteria:
Tasks:
Create a list of granular, specific work items that must be completed to deliver the desired outcomes of this issue
Notes:
AC-05 security control:
The organization:
a. Separates [at a minimum, data creation and control, software development and maintenance, and security functions];
b. Documents separation of duties of individuals; and
c. Defines information system access authorizations to support separation of duties.
To meet
document user roles with list of permissions, account management,
backend can demo separation of duties (demo of documented user role with permissions)
Supporting Documentation:
Please include any relevant log snippets/files/screen shots
Open Questions:
Deliverable:
The text was updated successfully, but these errors were encountered: